In the Realm of the Hackers - Breaking into Computers and Computer Networks

In the Realm of the Hackers

Breaking into Computers and Computer Networks

In the Realm of the HackersBreaking into Computers and Computer Networks

The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These draw many people every year including SummerCon (Summer), DEF CON, HoHoCon (Christmas), ShmooCon (February), BlackHat, Hacker Halted, and H.O.P.E..

In the early 1980s Hacker Groups became popular, Hacker groups provided access to information and resources, and a place to learn from other members. Hackers could also gain credibility by being affiliated with an elite group.

In 1989, two Melbourne teenage hackers known as Electron and Phoenix
stole a restricted computer security list and used it to break into some
of the world's most classified and supposedly secure computer systems.

So fast and widespread was the attack, no-one could work out how it had
happened - until one of the hackers called The New York Times to brag.

Ten
years after their arrest, this dramatised documentary uncovers not only
how they did it but why. It takes us headlong into the clandestine,
risky but intoxicating world of the computer underground.

In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge.

The subculture that has evolved around hackers is often referred to as the computer underground but it is now an open community.

While other uses of the word hacker exist that are not related to computer security, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker.

In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals ("black hats") and computer security experts ("white hats").

Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.

Bruce Sterling traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter.

TAP was a phone phreaking newsletter that taught the techniques necessary for the unauthorized exploration of the phone network. Many people from the phreaking community are also active in the hacking community even today, and vice versa.

Hackers: Outlaws and Angels

This alarming program reveals the daily battle between the Internet's
outlaws and the hackers who oppose them by warding off system attacks,
training IT professionals and police officers, and watching cyberspace
for signs of imminent infowar.

Through interviews with frontline
personnel from the Department of Defense, NYPD's computer crime squad,
private detective firm Kroll Associates, X-Force Threat Analysis
Service, and several notorious crackers, the program provides
penetrating insights into the millions of hack attacks that occur
annually in the U.S. - including one that affected the phone bills of
millions and another that left confidential details of the B-1 stealth
bomber in the hands of teenagers.

The liabilities of wireless networks, the Code Red worm, and online movie piracy are also discussed.

Several subgroups of the computer underground with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond (author of The New Hacker's Dictionary) advocates that members of the computer underground should be called crackers.

Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker.

According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system". These subgroups may also be defined by the legal status of their activities.

Computer crime, or cybercrime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target.

Netcrime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s security and financial health. Issues surrounding this type of crime have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming.

White hat

A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. The term "white hat" in Internet slang refers to an ethical hacker.

This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement.

Often, this type of 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.

Black hat

A Black Hat Hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain". Black Hat Hackers are "the epitome of all that the public fears in a computer criminal".

Black Hat Hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.

The way Black Hat Hackers choose the networks that they are going to break into is by a process that can be broken down into two parts. This is called the pre-hacking stage.

Part 1 Targeting - Targeting is when the hacker determines what network to break into. The target may be of particular interest to the hacker, or the hacker may "Port Scan" a network to determine if it is vulnerable to attacks. A port is defined as "an opening through which the computer receives data via the network". Open ports will allow a hacker to access the system.

Part 2 Research and Information Gathering - It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from Social Engineering, which will be explained below.

Aside from Social Engineering hackers can also use a technique called Dumpster Diving. Dumpster Diving is when a hacker will literally dive into a dumpster in hopes to find documents that users have thrown away, which will help them gain access to a network.

2600: The Hacker Quarterly is an American publication that specializes in publishing technical information on a variety of subjects including telephone switching systems, Internet protocols and services, as well as general news concerning the computer "underground" and left wing, and sometimes (but not recently), anarchist issues.

Grey hat

A grey hat hacker is a combination of a Black Hat and a White Hat
Hacker. A Grey Hat Hacker may surf the internet and hack into a computer
system for the sole purpose of notifying the administrator that their
system has been hacked, for example. Then they may offer to repair their
system for a small fee.

Elite hacker

A social status among hackers, elite is used to describe the most
skilled. Newly discovered exploits will circulate among these hackers.
Elite groups such as Masters of Deception conferred a kind of
credibility on their members.

Script kiddie

A script kiddie is a non-expert who breaks into computer systems by
using pre-packaged automated tools written by others, usually with
little understanding of the underlying concept—hence the term script
(i.e. a prearranged plan or set of activities) kiddie (i.e. kid,
child—an individual lacking knowledge and experience, immature).

Neophyte

A neophyte, "n00b", or "newbie" is someone who is new to hacking or
phreaking and has almost no knowledge or experience of the workings of
technology, and hacking.

Blue hat

A blue hat hacker is someone outside computer security consulting firms
who is used to bug test a system prior to its launch, looking for
exploits so they can be closed. Microsoft also uses the term BlueHat to
represent a series of security briefing events.

Hacktivist

A hacktivist is a hacker who utilizes technology to announce a social,
ideological, religious, or political message. In general, most
hacktivism involves website defacement or denial-of-service attacks.

Hackers in Wonderland

"Hackers In Wonderland" is a documentary-film produced and directed by
Russel Barnes which reveals a lot about hacker life in United Kingdom.

This
documentary-film contains some interviews with the hackers themselves,
revealing what drives them to hack, and it reveals some opinions about
Hacktivism itself.

In the beginning of this film, you'll meet a
young lad with a nickname "ColdFire." He might have once been considered
as the most dangerous hacker in UK. He claimed that he had successfully
hacked into every single website that ever existed in UK, and
incredibly, NASA was also one of his victims.

Move to the next chapters, you'll be offered with
more interviews with US and UK hackers. One of them is Moloch
Industries. Moloch claimed that hackers are not a counter-culture
anymore in USA. Some of them are even hired by Big Companies to do some
pen-tests over their own network systems.

One of the highest profiled banking computer crime
occurred during a course of three years beginning in 1970. The chief
teller at the Park Avenue branch of New York's Union Dime Savings Bank
embezzled over $1.5 million from hundreds of accounts.

A hacking group
called the MOD (Masters of Deception), allegedly stole passwords and
technical data from Pacific Bell, Nynex, and other telephone companies
as well as several big credit agencies and two major universities. The
damage caused was extensive, one company, Southwestern Bell suffered
losses of $370,000 alone.

The U.S. Department of Defense (DoD) notes that cyberspace has emerged as a national-level concern through several recent events of geo-strategic significance. Among those are included the attack on Estonia's infrastructure in 2007, allegedly by Russian hackers.

In August 2008, Russia again allegedly conducted cyber attacks, this time in a coordinated and synchronized kinetic and non-kinetic campaign against the country of Georgia. Fearing that such attacks may become the norm in future warfare among nation-states, the concept of cyberspace operations impacts and will be adapted by warfighting military commanders in the future.

In 1983, a nineteen year old UCLA student
used his PC to break into a Defense Department international
communications system.

Between 1995 and 1998 the Newscorp satellite
pay to view encrypted SKY-TV service was hacked several times during an
on-going technological arms race between a pan-European hacking group
and Newscorp.

The original motivation of the hackers was to watch Star
Trek re-runs in Germany; which was something which Newscorp did not have
the copyright to allow.

On 26 March 1999, the Melissa worm infected a
document on a victim's computer, then automatically sent that document
and copy of the virus via e-mail to other people.

In February 2000 a
individual going by the alias of MafiaBoy began a series
denial-of-service attacks against high profile websites, including
Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN.

About fifty
computers at Stanford University, and also computers at the University
of California at Santa Barbara, were amongst the zombie computers
sending pings in DDoS attacks.

On 3 August 2000, Canadian federal
prosecutors charged MafiaBoy with 54 counts of illegal access to
computers, plus a total of ten counts of mischief to data for his
attacks.

The Russian Business Network (RBN) was registered as an internet
site in 2006. Initially, much of its activity was legitimate.

But
apparently the founders soon discovered that it was more profitable to
host illegitimate activities and started hiring its services to
criminals.

The RBN has been described by VeriSign as "the baddest of the
bad". It offers web hosting services and internet access to all
kinds of criminal and objectionable activities, with an individual
activities earning up to $150 million in one year. It specialized in and
in some cases monopolized personal identity theft for resale.

It is the
originator of MPack and an alleged operator of the Storm botnet.

On 2
March 2010, Spanish investigators busted 3 in
infection of over 13 million computers around the world. The "botnet" of
infected computers included PCs inside more than half of the Fortune
1000 companies and more than 40 major banks, according to
investigators.

In August 2010 the international investigation Operation
Delego, operating under the aegis of the Department of Homeland
Security, shut down the international pedophile ring Dreamboard. The
website had approximately 600 members, and may have distributed up to
123 terabytes of child pornography (roughly equivalent to 16,000 DVDs).

To date this is the single largest U.S. prosecution of an international
child pornography ring; 52 arrests were made worldwide.